Middle East and Africa Forum

Cape Town, South Africa
14-15 March 2018

Registration Open

Join us at the 2018 Middle East and Africa Forum

Don’t miss THE data security event of the year for the payment card industry. Join us for: Networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers.


The PCI Security Standards Council’s 2018 Middle East and Africa Forum (MEAF) is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out!


Join us for a day of discovery, updates and insights from members of the Council and regional community figures and merchants.

Wednesday, 14 March
7:30 Registration Open
7:30 - 9:00Networking Breakfast
9:00 – 9:30Welcome Remarks
Presented by: Jeremy King, International Director, PCI Security Standards Council
9:30 - 10:15Keynote: State of the Council
Presented by: Lance J. Johnson, Executive Director, PCI Security Standards Council

10:15 - 10: 45Regional Insights, a Panel Discussion
Presented by: TBD

Join this session for a panel discussion on the Middle East and Africa threat landscape, evolution of payments and how the region is helping to secure payment data.
10:45 - 11:15Networking Break and Vendor Showcase
11:15 - 12:15Shifting Paradigms: How Innovation is Changing Payment Security (and Standards)
Presented by: Troy Leach, Chief Technology Officer, PCI Security Standards Council
12:15 - 13:00Session TBD
13:00 - 14:00 Networking Lunch and Vendor Showcase
14:00 - 14:45Session TBD
Presented by: Andrew Henwood, CEO, Foregenix
14:45 - 15:30How Could Africa Benefit from the Lessons that Europe Learned the Hard Way?
Presented by: Steve Marshall, Chief Operating Officer, Risk-X

This session will show how Europe is adapting to the changing face of payment security and the solutions that are used. Having been a QSA for 10 years, and now a PFI, Mr. Marshall will share his experiences of the payment compromises that have happened in Europe. European companies have learned the hard way (well, some of them!) what works and what doesn't. Africa is on an amazing growth curve in terms of change to its payments solutions. Learn how you can avoid the pitfalls the Europeans made and get it right the first time!
15:30 - 16:00Networking Break and Vendor Showcase
16:00 - 16:30PCI Compliance Through Cybersecurity Operations Center (CSOC) & Threat Management
Presented by: Aadesh Gawde, Principal Consultant, ProVise Consulting

This session will discuss how PCI related risks, threats and vulnerabilities should be identified, mitigated, monitored and overall managed through the CSOC and threat management capabilities of an organization. Mr. Gawde will look at the identification of Tech, PCI non-compliance in network, processes, applications, databases, endpoints and mitigating as the first step as well as monitoring the residual risks and close monitoring for primary controls through the CSOC.
16:30 - 17:00Session TBD
17:00 - 17:30PCI DSS May Simplify Protection of Personal Information (PoPI) Compliance
Presented by: Simeon Tassev, Managing Director, Galix Networking Pty. Ltd.

In this session, you will learn how PCI DSS may help simplify PoPI compliance. South African businesses are preparing for the implementation of the Protection of Personal Information (PoPI) Act, undergoing audits and testing compliancy. This is a large task on its own, however, many organisations are simultaneously doing a PCI DSS audit, making for an even more complex and challenging process. PCI DSS, is a well-entrenched standard, with established best practices in place, and tried-and-trusted implementation processes.
17:30 - 19:00Networking Reception and Vendor Showcase
Thursday, 15 March
7:30Registration Open
7:30 - 9:00Networking Breakfast
9:00 - 9:30 Welcome Remarks and Regional Update
Presented by: Jeremy King, International Director, PCI Security Standards Council
9:30 - 10:15Keynote TBD
10:15 - 10:45Networking Break and Vendor Showcase
10:45 - 11:30How to Improve the Effectiveness of Your PCI DSS Controls
Presented by: Ciske van Oosten, Intelligence Manager, Verizon/CyberTrust

How do you improve the investment of your PCI compliance program? How do you measure the effectiveness of your security controls to be confident that it will withstand attacks? How do you measure the performance of your security and compliance efforts to have the visibility you need? Attend this session to learn more, based on hands-on industry research from Verizon - a leading global qualified security assessor.
11:30 - 12:15Exploring PCI Beyond Card Payments
Presented by: Walter Volker, Chief Executive Officer, The Payments Association South Africa (PASA)
12:15 - 13:00PCI Programs Update
Presented by: Mauro Lance, Chief Operating Officer, PCI Security Standards Council
13:00 - 13:30Get Involved and Support Resources Overview and Closing Remarks
Presented by: Jeremy King, International Director, PCI Security Standards Council and Mark Meissner, VP Public Relations, PCI Security Standards Council

Attend this sesion to hear about everything that PCI SSC has to offer you and your organization so you can help secure payment data. We will also share all the ways you can be more involved with PCI SSC.


Please continue to check back for updates on our Sponsors


Sponsorship Opportunities

An exclusive opportunity to position your company as a leader in the global payment security industry.



Employee Education is the Best Defense for Protecting your Organization’s Data Assets.

In conjunction with the Middle East and Africa Forum three training courses are available, allowing attendees to make the most of their travel time and budgets. The trainings will take place at The Westin Cape Town.


Qualified Security Assessor Training |  7-8 March

The two-day Qualified Security Assessor (QSA) class provides instruction on how to conduct assessments of merchants, institutions and service providers who must be compliant with the PCI DSS.


Payment Card Industry Professional |  9 March

The only instructor-led Payment Card Industry Professional (PCIP) class scheduled for 2018 delivers an individual qualification in payment security information.  Come away armed with the tools to support a secure payment environment and help your organization achieve PCI compliance.


Internal Security Assessor | 12-13 March

The two-day Internal Security Assessor (ISA) class provides large merchants, acquiring banks, and processors the opportunity to build their internal payment data security expertise, as well as increase their efficiency in complying with PCI Standards.


Current Exhibitors:

Get the latest updates on the 2018 Middle East and Africa Forum by joining our mailing list.